IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  DSM for Huawei USG6370

    Posted Fri November 19, 2021 04:54 PM

    Hello,

    our customer is asking us to integrate logs from a USG6370 Huawei firewall into our Qradar.

    I see that there are available DSMs for AR Series Router and S series switches but nothing specific for USG firewalls..has anyone already integrated this kind of device?

    Do we need to create manually a DSM and map the events to the proper QID?

    Thanks,

    Davide



    #QRadar
    #Support
    #SupportMigration


  • 2.  RE: DSM for Huawei USG6370

    Posted Wed November 24, 2021 09:14 AM

    Hi Davide,

    this topic seems to be a topic for a feature request. Here in the ideas portal https://ibm.biz/integrationrfe you can create your RFE.

    Or as you already mentioned you can create your own DSM for this device using the DSM Editor.

    Hope this helps you first.

    Regards,

    Ralph



    #QRadar
    #Support
    #SupportMigration


  • 3.  RE: DSM for Huawei USG6370

    Posted Wed November 24, 2021 09:30 AM

    Hi Ralph,

    thanks for your update.

    Soon we will start getting these logs into our Qradar, we may evaluate if they are being parsed by another DSM, then we may create our own DSM or open a RFE.

    Davide



    #QRadar
    #Support
    #SupportMigration